From 1883a50bb83fd04992b78cc0055b6befed234831 Mon Sep 17 00:00:00 2001 From: Daniel Joseph Barnhart Clark Date: Fri, 13 Jul 2007 17:45:23 +0000 Subject: Add PRNGD support to tlslite to try to get AIX <= 5.1 to work (they have no /dev/random or /dev/urandom). Once this is tested I'll submit to tlslite-users for inclusion in upstream source. git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@3438 ce84e21b-d406-0410-9b95-82705330c041 --- src/lib/tlslite/utils/cryptomath.py | 19 +++++++++--- src/lib/tlslite/utils/prngd.py | 62 +++++++++++++++++++++++++++++++++++++ 2 files changed, 77 insertions(+), 4 deletions(-) create mode 100644 src/lib/tlslite/utils/prngd.py (limited to 'src') diff --git a/src/lib/tlslite/utils/cryptomath.py b/src/lib/tlslite/utils/cryptomath.py index 51d6dff7c..204bb485c 100755 --- a/src/lib/tlslite/utils/cryptomath.py +++ b/src/lib/tlslite/utils/cryptomath.py @@ -99,11 +99,22 @@ except: return stringToBytes(s) prngName ="CryptoAPI" except ImportError: + # Else see if we ahve Pprngd running + try: + def getRandomBytes(howMany): + import prngd + try: + p = prngd.PRNGD(sockname="/var/run/egd-pool") + except: + p = prngd.PRNGD(sockname="/dev/egd-pool") + return stringToBytes(p.read(howMany)) + prngName = "PRNGD" + except: #Else no PRNG :-( - def getRandomBytes(howMany): - raise NotImplementedError("No Random Number Generator "\ - "available.") - prngName = "None" + def getRandomBytes(howMany): + raise NotImplementedError("No Random Number Generator "\ + "available.") + prngName = "None" # ************************************************************************** # Converter Functions diff --git a/src/lib/tlslite/utils/prngd.py b/src/lib/tlslite/utils/prngd.py new file mode 100644 index 000000000..c86b7046a --- /dev/null +++ b/src/lib/tlslite/utils/prngd.py @@ -0,0 +1,62 @@ +"""prngd module + +This module interfaces with PRNGD - Pseudo Random Number Generator +Daemon for platforms without /dev/random or /dev/urandom. + +It is based on code from Stuart D. Gathman stuart at bmsi.com and is +Public Domain. The original code is available from +http://mail.python.org/pipermail/python-list/2002-November/170737.html""" + +import socket +from struct import unpack,pack + +class PRNGD: + "Provide access to the Portable Random Number Generator Daemon" + + def __init__(self,sockname="/var/run/egd-pool"): + self.randfile = socket.socket(socket.AF_UNIX,socket.SOCK_STREAM) + self.randfile.connect(sockname) + + def _readall(self,n): + s = self.randfile.recv(n) + while len(s) < n: + s = s + self.randfile.recv(n - len(s)) + return s + + def get(self): + "Return number of available bytes of entropy." + self.randfile.sendall('\x00') + return unpack(">i",self._readall(4))[0] + + def read(self,cnt): + "Return available entropy, up to cnt bytes." + if cnt > 255: cnt = 255 + self.randfile.sendall(pack("BB",0x01,cnt)) + buf = self._readall(1) + assert len(buf) == 1 + count = unpack("B",buf)[0] + buf = self._readall(count) + assert len(buf) == count, "didn't get all the entropy" + return buf + + def readall(self,cnt): + "Return all entropy bytes requested" + if cnt < 256: + self.randfile.sendall(pack("BB",0x02,cnt)) + return self._readall(cnt) + buf = readall(self,255) + cnt -= len(buf) + while cnt > 255: + buf += readall(self,255) + cnt -= len(buf) + return buf + readall(self,cnt) + + def getpid(self): + "Return the process id string of the prngd" + self.randfile.sendall('\x04') + buf = self._readall(1) + assert len(buf) == 1 + count = unpack("B",buf)[0] + buf = self._readall(count) + assert len(buf) == count, "didn't get whole PID string" + return buf -- cgit v1.2.3-1-g7c22